EasyManua.ls Logo

Cisco Catalyst 4500 Series - Configuring the Switch for Vendor-Proprietary RADIUS Server Communication

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
49-112
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 49 Configuring 802.1X Port-Based Authentication
Controlling Switch Access with RADIUS
To configure the switch to recognize and use VSAs, perform these steps:
Note For a complete list of RADIUS attributes or more information about vendor-specific attribute 26, see the
“RADIUS Attributes” appendix in the Cisco IOS Security Configuration Guide, Release 12.2 from the
Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command
References.
Configuring the Switch for Vendor-Proprietary RADIUS Server Communication
Although an IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary information between
the switch and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. Cisco IOS software
supports a subset of vendor-proprietary RADIUS attributes.
As mentioned earlier, to configure RADIUS (whether vendor-proprietary or IETF draft-compliant), you must specify the host
running the RADIUS server daemon and the secret text string it shares with the switch. You specify the RADIUS host and
secret text string by using the radius-server global configuration commands.
To specify a vendor-proprietary RADIUS server host and a shared secret text string, perform this task:
Command Purpose
Step 1
Switch# configure terminal
Enters global configuration mode.
Step 2
Switch(config)# radius-server vsa
send [accounting |
authentication]
Enables the switch to recognize and use VSAs as defined by RADIUS IETF
attribute 26.
(Optional) Use the accounting keyword to limit the set of recognized
vendor-specific attributes to only accounting attributes.
(Optional) Use the authentication keyword to limit the set of
recognized vendor-specific attributes to only authentication attributes.
If you enter this command without keywords, both accounting and
authentication vendor-specific attributes are used.
Step 3
Switch(config)# end
Returns to privileged EXEC mode.
Step 4
Switch# show running-config
Verifies your settings.
Step 5
Switch# copy running-config
startup-config
(Optional) Saves your entries in the configuration file.
Command Purpose
Step 1
Switch# configure terminal
Enters global configuration mode.
Step 2
Switch(config)# radius-server host {hostname |
ip-address} non-standard
Specifies the IP address or hostname of the remote
RADIUS server host and identify that it is using a
vendor-proprietary implementation of RADIUS.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals